I'm working on the exam, but will be back to add outline items. In the meantime, feel free to add your own outline.
Fraud - deliberate act or untruth intended to obtain unfair or unlawful gain
Internal Control
A process designed to provide reasonable assurance to achieve:
Effectiveness and efficiency of operations
Reliability of financial reporting
Compliance with applicable laws and regulations
It comprises of five components:
Control environment - reflects the organization's general awareness of and commitment to the imporance of control throughout the organization; by setting the example and addressing the need for control in a positive manner at the top of the organization, management can make an organization control conscious.
Risk assessment-identification/analysis of risk
Control activities-policies and procedures
Information and communication-processing info in a form and time frame that enables people to do their jobs
Monitoring-processes that assess quality of internal control over time
Common Business Exposures
Some examples of undesirable actions/events that an organisation wants to avoid:
erroneous recordkeeping - can be caused by the incomplete or inaccurate processing of an event.
unacceptable accounting - caused by an error in interpretation of GAAP or ignoring GAAP all together.
business interruptions - can be temporary or perminent. Often caused by damage to an organization's database.
erroneous management decisions - caused by managers using misleading or incorrect information or failing to acquire all of the information needed to make the best decision.
fraud and embezzlement - can be caused by misappropriation of funds or deliberate miscommunication of information, or communication of incorrect information to management and investors.
statutory sanctions - any penalties brought about by regulatory agencies. Can be caused by the violation of laws or regulations.
excessive costs - incurring unnecessary expenses involved in running the business. Can be caused by failing to have certain large expenditures require pre-approval.
loss or destruction of resources - loss of physical items, such as inventory or cash, as well as information resources. Caused by lack of safeguards, no security system in place, both physical security and information security.
competitive disadvantage - can be caused by the use of out dated technology that does not respond to customer needs in the best manner.
Business Process Control Goals
Control goals of operations processes:
Effectiveness of operations - success in meeting one or more process operation goals
Efficiency - productivity of the resources applied to achieve a set of goals
Security of resources - protecting the firm's resources from loss, destruction and all forms to misuse
Control goals of information processes:
Input validity - input data is for actual events and objects
Input completeness - input data includes ALL valid events and objects
Input accuracy - events were correctly recorded and the data was correctly entered
Update completeness - master data correctly reflects ALL the entered data
Update accuracy - master data correctly reflects the data that was entered
A Control Hierarchy
The Control plans- reflect information processing policies and procedures that assist in accomplishing control goals
Pervasive Control Plans (Chapter 8) - relate to a multitude of goals and processes; broad in scope and apply equally to all business process; ex. preventing unauthorized access to the computer system would protect all of the specific AIS processes that run on the computer.
Business Process Control Plans (Chapters 9-14) - relate to those controls particular to a specific process or subsystem, such as billing or cash receipts, or to a particular technology used to process data.
Preventive control plans - stop problems from occuring
Detective control plans - discover that problems have occured
Corrective control plans - rectify problems that have occured
Introduction to Internal Control:
I'm working on the exam, but will be back to add outline items. In the meantime, feel free to add your own outline.Fraud - deliberate act or untruth intended to obtain unfair or unlawful gain
Internal Control
A process designed to provide reasonable assurance to achieve:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
It comprises of five components:Common Business Exposures
Some examples of undesirable actions/events that an organisation wants to avoid:Business Process Control Goals
Control goals of operations processes:
- Effectiveness of operations - success in meeting one or more process operation goals
- Efficiency - productivity of the resources applied to achieve a set of goals
- Security of resources - protecting the firm's resources from loss, destruction and all forms to misuse
Control goals of information processes:A Control Hierarchy